Apple Tracks Chatting using iMessage & Shares Data with Police

Doing conversations with your friend on iMessage and thinking that they are safe and out of reach from anyone else other than you and your friend? No, it's not.

End-to-end encryption doesn't mean that your iMessages are secure enough to hide your trace because Apple not only stores a lot of information about your iMessages that could reveal your contacts and location, but even share that information with law enforcement via court orders.

According to a new document obtained by The Intercept, Apple records a log of which phone numbers you typed into their iPhone for a message conversation, along with the date and time when you entered those numbers as well as your IP address, which could be used to identify your location.

Actually, every time a user type a phone number into their iPhone for a message conversation, iMessage contacts Apple servers to find out whether to route a given message over the iMessage system.

"Apple records each query in which your phone calls home to see who's in the iMessage system and who's not," The Intercept reports.

Moreover, the company is compelled to turn over this information to law enforcement with a valid court order — generally "pen registers" or "tap and trace devices" warrants that are very easy to obtain.

Pen register warrants are routinely being used to compel telephone companies to provide metadata about customers' phone calls to law enforcement.

Apple Logs Your IP Address (Location)

But it’s surprising that Apple, which has positioned itself as a staunch defender of its user privacy by refusing the federal officials to provide encryption backdoors into its products, hands over its users' information on iMessage contacts under such warrants.

The report also points out that keeping logs of users IP address that could be used to reveal one’s actual location is contrary to Apple's 2013 claim that the company "do not store data related to customers' location."

The Intercept obtained the document, titled 'iMessage FAQ for Law Enforcement,' about Apple's iMessage logs as part of a much larger cache originating from within a state police agency, "The Florida Department of Law Enforcement's Electronic Surveillance Support Team."

The team facilitates mass data collection for law enforcement using controversial tools such as Stingrays, along with the help of conventional techniques like pen registers and tap and trace devices warrants.

Although your iMessages are end-to-end encrypted, it doesn’t mean that all Apple users are enjoying the company's so-called privacy benefit.

If you have enabled iCloud Backup on your Apple devices to keep a backup of your data, the copies of all your messages, photographs and every important data stored on your device, are encrypted on iCloud using a key controlled by Apple, and not you.

So, Apple can still read your end-to-end encrypted iMessages, if it wants.

Even if you trust the company that it won't provide your decrypted data to law enforcement (just don't forget San Bernardino case in which Apple helped the FBI with the iCloud backup of the Shooter's iPhone), anyone who breaks into your iCloud account could see your personal and confidential data.

Apple deliberately Weakens Backup Encryption

Fortunately, it is possible to store your backups locally through iTunes, though it is not such an obvious choice for an average user.

What's even worse is that a recent issue in the local password-protected iTunes backups affects the encryption strength for backups of devices on iOS 10, allowing attackers to brute-force the password for a user's local backup 2,500 faster than was possible on iOS 9.

Apple has already confirmed that the issue exists and that a fix would be included in an upcoming update.

However, in response to the latest report about iMessage logs, Apple provided the following statement:

"When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession. Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications. In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don’t contain the contents of conversations or prove that any communication actually took place."

The Florida Department of Law Enforcement still has to comment on the matter.

Apple to Debut 3 New iPad Models in 2017 : Reports

The last earnings report from Apple indicated how important the tablet business still is for Apple. The last quarter saw Apple selling 9-percent less iPads, yet the revenue grew 7 percent thanks to a higher selling price. Now, it seems it could be bringing new models to attain whatever market share’s left in the tablets space.

A new report, courtesy of MacRumors via noted analyst Ming-Chi Kuo, indicates that three new iPads could be coming in 2017, including the first ever 10.5-inch iPad that can occupy the middle ground between the larger models. Other variants include a new, cheaper 9.7-inch model and a 12.9-inch model to sit either side.

There is no word given for the iPad Mini as he thinks the arrival of the larger iPhones could have quashed the demand of the smaller tablet, altogether.

More-important, however, are the big changes that Apple has planned for 2018. The year could see the company revealing a “revolutionary” AMOLED iPad model with a flexible display and “radical” design changes. No further details were given for the same.

As for the near future, Ming-Chi Kui lowered his expectations of the current line-up’s shipments, shunning it from 45-50 million to just 35-40 million tablets, given the lack of models which are to be expected this year.

The market for tablets has for long been considered to be fairly stagnant, but it now appears that we could be headed towards some exciting announcements finally. Or perhaps it could be the final hurrah for the market? Only time will tell.

APPLE Granted a new Patent that places a second screen on IPAD Cover

Despite its name, the iPad Smart Cover is not particularly smart; it folds well and wakes your iPad from sleep, but that's about it. 

Judging by a patent recently granted to the company by the U.S. Patent Office, dug out byPatently Apple, the Smart Cover might become a lot smarter in the future. 

SEE ALSO: Apple filed a patent for a MacBook keyboard without keys

Titled "Cover attachment with flexible display," the patent describes a foldable cover for a tablet device with a "flexible display" built in. 

Apple sees this approach as an alternative to making the actual tablet bigger.

"Increasing the display area could lead to a significant expansion in functionality. Unfortunately (...) device manufacturers generally choose between making the display and therefore the device itself larger, thereby reducing the portability or making the device and display smaller with the result of a less functional device," the patent text explains. 

The advantages of having a second screen are obvious: You could have it display auxiliary info, such as the title of the song or movie currently being played on the tablet, alongside touchscreen controls. It could be used as a full-fledged second display, comparable to that of the main display; alternatively, only a portion of the cover could be a screen, with the rest reserved for solar cells. 

As always, a patent does not necessarily means such a product will see the light of day soon, or ever. 

What's interesting about this patent is that it was originally filed in 2011 (we covered it in August 2012), and though some of the concepts from it actually came to life (the iPad Pro's smart connector is one example), some of them are still quite futuristic. We certainly hope Apple will continue to innovate in the tablet area, despite iPad's steadily dwindling sales. 

Apple could offer IMessage for Android

Although Apple has its own operating system for both desktop (Mac OS X) and iPhone (iOS), the company has always tried to port its in-house applications to other OS platforms.

Apple debuted on its rival mobile OS platform last year with the launch of Apple Music on Android. However, iTunes and Safari has already been made available for both Windows as well as Mac.

Now, the company will soon move more of its mobile applications to Android if comments made by Chief Executive Tim Cook at the recent company-wide event for Apple employees are to be believed.

iMessage App for Android Platform

Cook reportedly told his staff that sooner Apple may bring other apps and exclusive services to the Android Systems, and added that bringing Apple Music to Android in November was "a way of testing the waters for growing its services division through other platforms," reports 9to5Mac.

So, you could see iMessage, the company's encrypted messaging application, expanded to Android.

iMessage is one of the most famous Apple's apps that allows Apple users to send and receive messages, photos, and videos to their fellow Apple users as long as the device has a data connection.

How Apple Can Read End-to-End Encrypted iMessages

What many of us know is iMessage uses end-to-end encryption that even Apple or anyone else can not access or read your messages, but what we don’t know is backed up messages to Apple'siCloud service are vulnerable to federal warrants.

With iCloud Backup enabled, the copies of all your messages, photographs and every important data stored on your iPhone or iPad are encrypted on iCloud using a key controlled by Apple, and not you.

This would allow Apple and hence, anyone who breaks into your account, to read your messages and see your personal and confidential data.

List of Apple Apps you Might See on Android

Besides iMessages, the list of Apple apps that you could see expanded to Android may include iTunes, Music Memos, Apple Maps, and iCloud.

In September, the company released its first-ever Android application, known as Move to iOS, designed to help Android users transfer their content quickly and safely from an Android device to an iOS device.

Although it is yet unclear when Apple will make the move, if this happens anytime soon, Which one of your favorite Apple apps you want to see on your Android devices? 

Let me know in the comments below.

MacKeeper Hacked- 13 Millions Users - 21 GB data Breached

MacKeeper anti-virus company is making headlines today for its lax security that exposed the database of 13 Million Mac users' records including names, email addresses, usernames, password hashes, IP addresses, phone numbers, and system information.

MacKeeper is a suite of software that claims to make Apple Macs more secure and stable, but today the anti-virus itself need some extra protection after a data breach exposed the personal and sensitive information for Millions of its customers.

The data breach was discovered by Chris Vickery, a white hat hacker who was able to download 13 Million customer records by simply entering a selection of IP addresses, with no username or password required to access the data.

21 GB Trove of MacKeeper Customer Data Leaked

31-year-old Vickery said he uncovered the 21 GB trove of MacKeeper customer data in a moment of boredom while searching for openly accessible databases on Shodan – a specialized search engine that looks for virtually anything connected to the Internet – that require no authentication.

"The search engine at Shodan.io had indexed their IPs as running publicly accessible MongoDB instances (as some have already guessed)," Vickery said in a Reddit post. "I had never even heard of MacKeeper or Kromtech until last night. I just happened upon it after being bored and doing a random "port:27017" search on Shodan."

As a result, four IP addresses took him straight to a MongoDB database, containing a range of personal information, including:

• Customer Names
• Email addresses
• Usernames
• Password hashes
• Mobile phone numbers
• IP addresses
• System information
• Software licenses and activation codes

Security Product Using Weak Algorithm to Hash Passwords

Although the passwords were encrypted, Vickery believes that MacKeeper was using weak MD5 hashes to protect its customer passwords, allowing anyone to crack the passwords in seconds using MD5 cracking tools.

The company responded to the issue after Vickery posted it on Reddit, saying that the company had no evidence the data was accessed by malicious parties.

"Analysis of our data storage system shows only one individual gained access performed by the security researcher himself," Kromtech, the maker of MacKeeper, said in a statement. "We have been in communication with Chris, and he has not shared or used the data inappropriately."

Though the company claims Vickery was the only person to access the MacKeeper users’'information; you should still change your MacKeeper passwords and passwords on websites that use the same password.

Android Wear Presents Timely Competition For Apple Watch

The wristwatch has been a fashion accessory for almost 450 years, but technology has transformed what was once a mere timepiece into a $30 billion industry. At the heart of this movement is the Apple Watch, a re-imagining of the wristwatch that has turned the space on its ear by marrying wearable tech wizardry with sleek, modern design.

With the inclusion of tech, something else interesting has also happened to the humble wristwatch: It has developed the potential to be a valuable business tool, as well.

With 38 different watches available, Apple has called its Watch the most personalized device it has ever created. But there’s still a chance for a competitor, like Google Android Wear, to take a bite out of the Apple Watch market share — and enterprise usability just might be a key point of difference.

Android Wear devices offer many tools and services that can positively impact the daily life of corporate users. Android Wear’s biggest value-add for both regular consumers and professional users is the ability to communicate through the smartwatch itself. Because it syncs to your phone, all of your alerts and notifications get pushed directly to your wrist — and that wrist vibration can keep you from missing calls in meetings or in loud occupational environments like server rooms or manufacturing floors.

Plus, those who travel for work will benefit from Android Wear’s travel cards, which pop up when a trip is scheduled in your Google calendar. This means QR codes for boarding passes load to your wrist, as do hotel reservations, local traffic conditions and turn-by-turn driving directions, when needed.

Features like these might be Google’s ticket to get ahead in the smartwatch segment. There are many potential paths to this possibility — but here are three ways it could finally pluck Apple Watch from its place at the top of the heap.

Delivering A Swiss-Made Smartwatch

To date, Samsung, LG, Motorola, Asus and Sony have all released Android Wear watches. Those brands have one thing in common: None of them are watchmakers.

On the other hand, the Swiss produce only a little more than 2 percent of the world’s watches, but capture more than half the global watch revenue. They produce some of the finest watches in the world, and Swiss watchmakers have accumulated thousands of patents that cover everything from clasps to mechanical function. Even the watch faces themselves are valuable: In 2012, Apple reportedly paid $21 million to the Swiss Federal Railway service to use its iconic watch-face design for the clock in iOS6.

Technology has transformed what was once a mere timepiece into a $30 billion industry.

To deliver the ultimate in modern form-meets-fashion, the answer is fairly simple: bring smartwatch technology into mechanical and quartz watches without sacrificing quality or style. In other words, get the Swiss on board! Not only would it be a boon to smartwatch buyers who don’t want to sacrifice fashion for function — it also could help Swiss watchmakers survive the digital age.

Harnessing The Power Of Project Ara And Android Wear OS

Google has spent a lot of time recently trying to regain control over Android. There’s been an uptick in Chinese OEMs leveraging the Android Open Source Project (AOSP), as well as momentum behind Cyanogen. This has resulted in Google preventing customization of some newer product releases, like Android Wear.

However, if Google completely open-sourced Android Wear, it would allow manufacturers to customize the OS for specific use cases, like for divers, pilots and the military. It could also ease the incorporation of Android Wear into Project Ara.

Project Ara is Google’s open hardware initiative for smartphones. The idea is to modularize the components of a phone (CPU, storage, camera, etc.) into an open platform to which any engineer — not just large hardware manufacturers — can contribute modules. These modules can be “hot swapped” or changed on the fly.

For example, an old camera module can be unplugged from the phone’s endoskeleton frame, and replaced with a newer high-resolution camera. Or you can choose to remove your Bluetooth module and add extra storage.

Google could bring together traditional Swiss craftsmanship with Silicon Valley technology.

This is a great initiative, but right now, it’s limited in scope. Why stop at smartphones? The components that live in a smartwatch, like the CPU, Bluetooth and storage, can easily fit inside a traditional watch. This is the integration point between Google and the Swiss. Project Ara for Android Wear, integrated into a Swiss watch, gives consumers the best of both worlds.

For example, you don’t need to worry about a smartwatch becoming dated, as the components can be upgraded as needed. Even better, you can keep your beloved Swiss mechanical function and watch face.

Thinking Outside the Box — And The Watch Face

Both Google and Apple stress that their product is more than just a watch. At Google IO, they are quick to point out that more than 4,000 apps have been created for their device. Today, the most interesting apps don’t even require an electronic display on the watch, such as functions for payment, identity, audio commands and fitness.

Imagine being able to hold up your Breitling to the NFC payment reader at your local supermarket to buy groceries, or automatically unlocking your car door with your Patek Philippe. Go out on a run and have your Swiss Army watch record your workout. Channel James Bond and talk into a microphone in your Omega Seamaster. The use-cases and customizations are endless and exciting.

Even better news? There is precedent for these types of partnerships. Google recently partnered with Levi’s on Project Jacquard to bring gesture and touch-sensing textiles to the masses.

Is there still a window for Google to win the smartwatch race, and drive billions in new revenue into the watch industry? Yes. By leveraging its hardware platform, Project Ara, and completely open-sourcing the Android Wear operating system, Google could bring together traditional Swiss craftsmanship with Silicon Valley technology into packages that deliver variety, and allow more consumers to become smartwatch owners.